Community

tbatiuk · ‎04-29-2019

Hi there,

We use SAML authentication (Google) for the majority of our users, students on Chromebooks. Because this method is in position 1, when students log in to their device, their Dashboard automatically loads from ...login/saml without additional clicks. This is meaningful especially because we have younger students on devices.

Parents use Observer accounts with passwords by logging in to .../login/canvas; however, they run into the problem that their Canvas notifications contain hyperlinks that route them to the SAML authentication, confusing most Observer users.

Initially I set up a Discovery URL to address the authentication issue; however, this means that every student logging on to their Chromebook now has to select that they are a student upon logging in. This creates an extra step for students, again thinking of those younger ones.

A suggestion was to customize the SAML authentication page with HTML & Javascript to include a button like "If you are a parent..." that directs to their Canvas authentication. Does anyone have experience customizing a SAML page for a purpose like this? That is unfortunately outside of our expertise.

Thank you in advance!

robotcars · ‎04-30-2019

If it's a Canvas login page, it should be possible to modify it with Global Themes.

We modify several of the elements on the login page. https://ccsd.instructure.com

Trouble Logging In - we replace the entire Forgot Password option

Parents Get Accounts Too - we append the note for Employees

It does require JavaScript and HTML. Our's currently uses jQuery, something I need to remedy, maybe this summer.

tbatiuk · ‎05-01-2019

Thanks, Robert! I appreciate your reply and I hope folks found it helpful.

Since our position 1 authentication method is SAML, unfortunately the page we would need to modify is the SAML authentication page, as the Canvas login page is the position 2 method that I'd like to route parents to if their credentials are not found from the position 1 method. At least that is my understanding, but feel free to correct me if anyone sees this differently!

jsavage2 · ‎05-01-2019

Hi Tim,

As you suspect, that's a function of your SAML provider, and Google doesn't provide much (any) customization.

The workaround would be to create your own login provider that acts as a proxy for Google auth, and put that in position 1.

robotcars · ‎05-01-2019

That's what I've confirmed as well asking on the IRC.

ColinMurtaugh · ‎05-10-2019

Hi Tim --

You may be able to include some Javascript in your Discovery page that would remember (using a cookie) what authentication option the user picked, and on subsequent loads it could just immediately redirect the user there.

I expect you could either set the cookie automatically, or by user choice ("check this box to remember your selection for 30 days" or something like that).

We don't currently use a discovery page, so I don't have any actual JS code to share, but maybe someone else here has done something like that.

Hope this is helpful!

--Colin

tbatiuk · ‎05-10-2019

Ah, Colin, that is a great thought! Thank you for that, I am going to investigate further.

Community

Have a Canvas Question?

Have a Mastery Question?

Have an Elevate Question?

Have an Impact Question?

Create custom SAML authorization page with link to login/canvas

Authentication

Moderate Quizzes vs Edit Assignment/Quiz Permissio...

student photo import

SQS Event Monitoring - Reassign

Managing User Accounts for Non-Credit Courses

Test out new Drop Box tool?